Symfony

1-Rce

https://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149

2- use tool eos

https://github.com/Synacktiv/eos

3- path with sensative data disclosure

/_profiler
/app_dev.php/_profiler
/app_dev.php
/_profiler/empty/search/results?limit=10
/app_dev.php/_profiler/
/app_dev.php/_profiler/phpinfo
/app_dev.php/_profiler/open?file=app/config/parameters.yml
/app/config/config_test.yml
/_fragment
/_internal
/_proxy

4- secret fragment exploit

https://github.com/ambionics/symfony-exploits
http://web.archive.org/web/20230708081739/https://www.ambionics.io/blog/symfony-secret-fragment

5-use nuclie template

https://github.com/Az0x7/vulnerability-Checklist/blob/main/Hacking%20Symfony/template_1.yaml
https://github.com/Az0x7/vulnerability-Checklist/blob/main/Hacking%20Symfony/template_2.yaml
https://github.com/Az0x7/vulnerability-Checklist/blob/main/Hacking%20Symfony/template_3.yaml
https://github.com/Az0x7/vulnerability-Checklist/blob/main/Hacking%20Symfony/template_4.yaml

6- fuzz with

https://github.com/six2dez/OneListForAll/blob/main/dict/symphony_long.txt

PreviousDjango Nextjson